Users Guide
○ Windows Server 2012 R2
● Dell Data Protection | Server Encryption is now supported. Server Encryption provides remote management of servers,
including the following:
○ Software encryption
○ Port control
○ Removable storage encryption
○ Support for maintenance scheduling, which allows control over enforcement of policies that require reboot
● Endpoint Security Suite Enterprise now includes an automatic client update feature. This feature automatically delivers the
latest advanced threat prevention updates to clients, with the latest threat detection algorithms tested and approved by
Dell, without requiring a new Endpoint Security Suite Enterprise release. This feature is disabled by default. To enable the
automatic update feature, contact Dell ProSupport at 877-459-7304 Ext. 4310039.
● The Windows USB selective suspend feature is now supported.
● Beginning with v8.9.3, Dell Data Protection | Hardware Crypto Accelerator is not supported. Installation and upgrade do not
proceed if Hardware Crypto Accelerator is detected and the computer is disk encrypted with it. In cases where Hardware
Crypto Accelerator is installed but the computer is not disk not encrypted with it, upgrade will proceed. However, Hardware
Crypto Accelerator will be ignored. The last Endpoint Security Suite Enterprise client version to support Hardware Crypto
Accelerator functionality is v1.0.1. Support for v1.0.1 will continue through April 8, 2020.
Resolved Technical Advisories v1.1
Advanced Threat Protection v1.1
● After upgrade to Windows 10 and restart, the Enrollments and Password Manager tiles display as expected in the DDP
Console. [DDPC-2322]
● An issue that caused a Windows 10 computer running the Encryption client to become unresponsive after restart is resolved.
[DDPC-2336]
● After upgrade from a previous Endpoint Security Suite version the popup message, "The system information has been copied
to the clipboard" from the DDP Console system tray icon > About > Copy Info, now closes when the user presses the
Enter key to select OK. [DDPC-2394]
● An issue that cauased the DDP Console to become unresponsive due to an unhandled exception is resolved. [DDPC-3480]
Encryption Client v8.9.3
● Installer logging of launch conditions is improved. [DDPC-918]
● An issue that resulted in a computer occasionally becoming unresponsive after reboot is now resolved. [DDPC-1255]
● The Encryption Removal Agent no longer crashes during decryption of HCA- or SDE-encrypted files if the key bundle is
missing or inaccessible to the Agent. Instead, a message displays that files could not be decrypted. [DDPC-1359]
● An issue that caused the Shield Service to crash is now resolved. [DDPC-2189]
● An issue that led to unresponsiveness after restarting a Windows 10 computer running Advanced Threat Protection is now
resolved. [DDPC-2336]
●
An issue that caused a restart and lock at the Windows startup screen on Windows 7 computers running Bitdefender
Antivirus is resolved. [DDPC-2561, DDPSUS-842]
● SDE encryption now proceeds on computers with HCA or a SED, and a log entry stating SDE policies are blocked due to FVE
or a SED disk no longer displays. SDE Encryption is now enabled by default in new installations and upgrades, based on the
registry entry HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CMgShield\AlwaysApplySDE set to "1."
[DDPC-3273]
● Encryption handling of files that are always in use is improved. [DDPC-3331, DDPC-3333, DDPC-3334]
● Additional data is now provided to Dell Data Protection Server for endpoint status reporting. [DDPC-3332, DDPC-3335]
● Windows logon with a smart card now proceeds as expected. [DDPSUS-855]
● Encryption sweep performance is improved on Windows 10 computers running Sophos. [DDPSUS-866]
● An issue that resulted in occasional computer unresponsiveness after installation but before activation is resolved.
[DDPSUS-1037]
● An issue that led to multiple restarts is now resolved. [DDPSUS-1087]
60
Technical Advisories